All Questions

Tagged with
Filter by
Sorted by
Tagged with
2773votes
28answers
2.0mviews

How can I prevent SQL injection in PHP?

If user input is inserted without modification into an SQL query, then the application becomes vulnerable to SQL injection, like in the following example: $unsafe_variable = $_POST['user_input']; ...
995votes
11answers
958kviews

How can I do 'insert if not exists' in MySQL?

I started by googling and found the article How to write INSERT if NOT EXISTS queries in standard SQL which talks about mutex tables. I have a table with ~14 million records. If I want to add more ...
user avatar
  • 30.2k
737votes
39answers
964kviews

How do I get the query builder to output its raw SQL query as a string?

Given the following code: DB::table('users')->get(); I want to get the raw SQL query string that the database query builder above will generate. In this example, it would be SELECT * FROM users. ...
user avatar
  • 10.2k
733votes
4answers
283kviews

SQL injection that gets around mysql_real_escape_string()

Is there an SQL injection possibility even when using mysql_real_escape_string() function? Consider this sample situation. SQL is constructed in PHP like this: $login = mysql_real_escape_string(...
user avatar
  • 76.7k
376votes
19answers
576kviews

Get table column names in MySQL?

Is there a way to grab the columns name of a table in MySQL using PHP?
user avatar
  • 5,738
262votes
15answers
571kviews

Cannot simply use PostgreSQL table name ("relation does not exist")

I'm trying to run the following PHP script to do a simple database query: $db_host = "localhost"; $db_name = "showfinder"; $username = "user"; $password = "password"; $dbconn = pg_connect("host=$...
user avatar
  • 4,145
196votes
9answers
409kviews

selecting unique values from a column

I have a MySQL table which contains the following type of information: Date product 2011-12-12 azd 2011-12-12 yxm 2011-12-10 sdx 2011-12-10 ...
user avatar
  • 2,467
190votes
3answers
259kviews

How to insert multiple rows from a single query using eloquent/fluent

I have the following query: $query = UserSubject::where('user_id', Auth::id())->select('subject_id')->get(); and as expected I get the following result: [{"user_id":8,"subject_id":9},{"...
user avatar
  • 2,553
172votes
5answers
109kviews

Make column not nullable in a Laravel migration

I'm writing a migration to make certain columns in a table nullable right now. For the down function, I of course want to make those columns not nullable again. I looked through the schema builder ...
user avatar
  • 6,609
164votes
10answers
310kviews

Increment value in MySQL update query

I have made this code for giving out +1 point, but it doesn't work properly. mysql_query(" UPDATE member_profile SET points= ' ".$points." ' + 1 WHERE user_id = '".$...
user avatar
  • 16.9k
145votes
17answers
121kviews

Getting raw SQL query string from PDO prepared statements

Is there a way to get the raw SQL string executed when calling PDOStatement::execute() on a prepared statement? For debugging purposes this would be extremely useful.
user avatar
  • 31.8k
145votes
18answers
154kviews

How to debug PDO database queries?

Before moving to PDO, I created SQL queries in PHP by concatenating strings. If I got database syntax error, I could just echo the final SQL query string, try it myself on the database, and tweak it ...
user avatar
130votes
11answers
66kviews

Flat file databases [closed]

What are the best practices around creating flat file database structures in PHP? A lot of more matured PHP flat file frameworks out there which I attempt to implement SQL-like query syntax which is ...
user avatar
122votes
10answers
65kviews

How to apply bindValue method in LIMIT clause?

Here is a snapshot of my code: $fetchPictures = $PDO->prepare("SELECT * FROM pictures WHERE album = :albumId ORDER BY id ASC LIMIT :skip, :max"); $fetchPictures->bindValue('...
user avatar
  • 46k
119votes
15answers
336kviews

How to print SQL statement in codeigniter model

I have a sql statement in my model, I then say $query = $this->db->query($sql, array(fields, fields1); if ($query) { return true: } else { echo "failed"; return false; } My query ...
user avatar
  • 4,453

15 30 50 per page
1
2 3 4 5
3280